j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity

Apply patch from Scott Lamb: Update documentation to match tincctl changes

Browse source
This commit is contained in:
Guus Sliepen 2007-09-04 15:06:35 +00:00
parent 86358fabfe
commit 6c453769fd
5 changed files with 192 additions and 105 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
doc/Makefile.am
View file

@ -2,11 +2,11 @@
info_TEXINFOS = tinc.texi
man_MANS = tincd.8 tinc.conf.5
man_MANS = tincd.8 tincctl.8 tinc.conf.5
EXTRA_DIST = tincinclude.texi.in tincd.8.in tinc.conf.5.in sample-config.tar.gz
EXTRA_DIST = tincinclude.texi.in tincd.8.in tincctl.8.in tinc.conf.5.in sample-config.tar.gz
CLEANFILES = *.html tinc.info tincd.8 tinc.conf.5 tincinclude.texi
CLEANFILES = *.html tinc.info tincd.8 tincctl.8 tinc.conf.5 tincinclude.texi
# Use `ginstall' in the definition of man_MANS to avoid
# confusion with the `install' target. The install rule transforms `ginstall'
@ -25,6 +25,9 @@ texi2html: tinc.texi
tincd.8.html: tincd.8
w3mman2html $< > $@
tincctl.8.html: tincctl.8
w3mman2html $< > $@
tinc.conf.5.html: tinc.conf.5
w3mman2html $< > $@
@ -37,6 +40,9 @@ substitute = sed \
tincd.8: tincd.8.in
$(substitute) tincd.8.in > tincd.8
tincctl.8: tincctl.8.in
$(substitute) tincctl.8.in > tincctl.8
tinc.conf.5: tinc.conf.5.in
$(substitute) tinc.conf.5.in > tinc.conf.5

117
doc/tinc.texi
View file

@ -71,6 +71,7 @@ permission notice identical to this one.
* Installation::
* Configuration::
* Running tinc::
* Controlling tinc::
* Technical information::
* Platform specific information::
* About us::
@ -981,7 +982,7 @@ accidental eavesdropping if you are editting the configuration file.
@cindex PrivateKeyFile
@item PrivateKeyFile = <@var{path}> (@file{@value{sysconfdir}/tinc/@var{netname}/rsa_key.priv})
This is the full path name of the RSA private key file that was
generated by @samp{tincd --generate-keys}. It must be a full path, not a
generated by @samp{tincctl generate-keys}. It must be a full path, not a
relative directory.
Note that there must be exactly one of PrivateKey
@ -1053,7 +1054,7 @@ This is the RSA public key for this host.
@cindex PublicKeyFile
@item PublicKeyFile = <@var{path}> [obsolete]
This is the full path name of the RSA public key file that was generated
by @samp{tincd --generate-keys}. It must be a full path, not a relative
by @samp{tincctl generate-keys}. It must be a full path, not a relative
directory.
@cindex PEM format
@ -1230,7 +1231,7 @@ Now that you have already created the main configuration file and your host conf
you can easily create a public/private keypair by entering the following command:
@example
tincd -n @var{netname} -K
tincctl -n @var{netname} generate-keys
@end example
Tinc will generate a public and a private key and ask you where to put them.
@ -1459,7 +1460,7 @@ Address = 4.5.6.7
A, B, C and D all have generated a public/private keypair with the following command:
@example
tincd -n company -K
tincctl -n company generate-keys
@end example
The private key is stored in @file{@value{sysconfdir}/tinc/company/rsa_key.priv},
@ -1525,20 +1526,12 @@ This will also disable the automatic restart mechanism for fatal errors.
Set debug level to @var{level}. The higher the debug level, the more gets
logged. Everything goes via syslog.
@item -k, --kill[=@var{signal}]
Attempt to kill a running tincd (optionally with the specified @var{signal} instead of SIGTERM) and exit.
Use it in conjunction with the -n option to make sure you kill the right tinc daemon.
Under native Windows the optional argument is ignored,
the service will always be stopped and removed.
@item -n, --net=@var{netname}
Use configuration for net @var{netname}. @xref{Multiple networks}.
@item -K, --generate-keys[=@var{bits}]
Generate public/private keypair of @var{bits} length. If @var{bits} is not specified,
1024 is the default. tinc will ask where you want to store the files,
but will default to the configuration directory (you can use the -c or -n option
in combination with -K). After that, tinc will quit.
@item --controlsocket=@var{filename}
Open control socket at @var{filename}. If unspecified, the default is
@file{@value{localstatedir}/run/tinc.@var{netname}.control}.
@item -L, --mlock
Lock tinc into main memory.
@ -1548,9 +1541,6 @@ This will prevent sensitive data like shared private keys to be written to the s
Write log entries to a file instead of to the system logging facility.
If @var{file} is omitted, the default is @file{@value{localstatedir}/log/tinc.@var{netname}.log}.
@item --pidfile=@var{file}
Write PID to @var{file} instead of @file{@value{localstatedir}/run/tinc.@var{netname}.pid}.
@item --bypass-security
Disables encryption and authentication.
Only useful for debugging.
@ -1792,6 +1782,97 @@ Be sure to include the following information in your bugreport:
@item The output of any command that fails to work as it should (like ping or traceroute).
@end itemize
@c ==================================================================
@node Controlling tinc
@chapter Controlling tinc
You can control and inspect a running @samp{tincd} through the @samp{tincctl}
command. A quick example:
@example
tincctl -n @var{netname} reload
@end example
@menu
* tincctl runtime options::
* tincctl commands::
@end menu
@c ==================================================================
@node tincctl runtime options
@section tincctl runtime options
@c from the manpage
@table @option
@item -c, --config=@var{path}
Read configuration options from the directory @var{path}. The default is
@file{@value{sysconfdir}/tinc/@var{netname}/}.
@item -n, --net=@var{netname}
Use configuration for net @var{netname}. @xref{Multiple networks}.
@item --controlsocket=@var{filename}
Open control socket at @var{filename}. If unspecified, the default is
@file{@value{localstatedir}/run/tinc.@var{netname}.control}.
@item --help
Display a short reminder of runtime options and commands, then terminate.
@item --version
Output version information and exit.
@end table
@c ==================================================================
@node tincctl commands
@section tincctl commands
@c from the manpage
@table @code
@item start
Start @samp{tincd}.
@item stop
Stop @samp{tincd}.
@item restart
Restart @samp{tincd}.
@item reload
Partially rereads configuration files. Connections to hosts whose host
config files are removed are closed. New outgoing connections specified
in @file{tinc.conf} will be made.
@item pid
Shows the PID of the currently running @samp{tincd}.
@item generate-keys [@var{bits}]
Generate public/private keypair of @var{bits} length. If @var{bits} is not specified,
1024 is the default. tinc will ask where you want to store the files,
but will default to the configuration directory (you can use the -c or -n
option).
@item dump nodes
Dump a list of all known nodes in the VPN.
@item dump edges
Dump a list of all known connections in the VPN.
@item dump subnets
Dump a list of all known subnets in the VPN.
@item dump connections
Dump a list of all meta connections with ourself.
@item dump graph
Dump a graph of the VPN in dotty format.
@end table
@c ==================================================================
@node Technical information
@chapter Technical information

32
doc/tincd.8.in
View file

@ -8,16 +8,13 @@
.Nd tinc VPN daemon
.Sh SYNOPSIS
.Nm
.Op Fl cdDkKnL
.Op Fl cdDKnL
.Op Fl -config Ns = Ns Ar DIR
.Op Fl -no-detach
.Op Fl -debug Ns Op = Ns Ar LEVEL
.Op Fl -kill Ns Op = Ns Ar SIGNAL
.Op Fl -net Ns = Ns Ar NETNAME
.Op Fl -generate-keys Ns Op = Ns Ar BITS
.Op Fl -mlock
.Op Fl -logfile Ns Op = Ns Ar FILE
.Op Fl -pidfile Ns = Ns Ar FILE
.Op Fl -bypass-security
.Op Fl -help
.Op Fl -version
@ -51,24 +48,9 @@ If not mentioned otherwise, this will show log messages on the standard error ou
Increase debug level or set it to
.Ar LEVEL
(see below).
.It Fl k, -kill Ns Op = Ns Ar SIGNAL
Attempt to kill a running
.Nm
(optionally with the specified
.Ar SIGNAL
instead of SIGTERM) and exit.
Under Windows (not Cygwin) the optional argument is ignored,
the service will always be stopped and removed.
.It Fl n, -net Ns = Ns Ar NETNAME
Connect to net
.Ar NETNAME .
.It Fl K, -generate-keys Ns Op = Ns Ar BITS
Generate public/private RSA keypair and exit.
If
.Ar BITS
is omitted, the default length will be 1024 bits.
When saving keys to existing files, tinc will not delete the old keys,
you have to remove them manually.
.It Fl L, -mlock
Lock tinc into main memory.
This will prevent sensitive data like shared private keys to be written to the system swap files/partitions.
@ -78,12 +60,13 @@ If
.Ar FILE
is omitted, the default is
.Pa @localstatedir@/log/tinc. Ns Ar NETNAME Ns Pa .log.
.It Fl -pidfile Ns = Ns Ar FILE
Write PID to
.It Fl -controlsocket Ns = Ns Ar FILENAME
Open control socket at
.Ar FILENAME .
If
.Ar FILE
instead of
.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .pid.
Under Windows this option will be ignored.
is omitted, the default is
.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .control.
.It Fl -bypass-security
Disables encryption and authentication of the meta protocol.
Only useful for debugging.
@ -167,6 +150,7 @@ If you find any bugs, report them to tinc@tinc-vpn.org.
.Sh TODO
A lot, especially security auditing.
.Sh SEE ALSO
.Xr tincctl 8 ,
.Xr tinc.conf 5 ,
.Pa http://www.tinc-vpn.org/ ,
.Pa http://www.cabal.org/ .

135
po/nl.po
View file

@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: tinc 1.0-svn\n"
"Report-Msgid-Bugs-To: tinc-devel@tinc-vpn.org\n"
"POT-Creation-Date: 2007-01-05 14:14+0100\n"
"POT-Creation-Date: 2007-03-07 18:48+0100\n"
"PO-Revision-Date: 2007-01-05 14:14+0100\n"
"Last-Translator: Guus Sliepen <guus@tinc-vpn.org>\n"
"Language-Team: Dutch\n"
@ -90,16 +90,16 @@ msgstr "iedereen"
msgid "BROADCAST"
msgstr "BROADCAST"
#: src/connection.c:120
#: src/connection.c:115
msgid "Connections:"
msgstr "Verbindingen:"
#: src/connection.c:124
#: src/connection.c:119
#, c-format
msgid " %s at %s options %lx socket %d status %04x outbuf %d/%d/%d"
msgstr " %s op %s opties %lx socket %d status %04x outbuf %d/%d/%d"
#: src/connection.c:129
#: src/connection.c:124
msgid "End of connections."
msgstr "Einde van verbindingen."
@ -161,52 +161,57 @@ msgstr "Verwijderen onbereikbare nodes"
msgid "Purging node %s (%s)"
msgstr "Verwijdering node %s (%s)"
#: src/net.c:173
#: src/net.c:159
#, c-format
msgid "Closing connection with %s (%s)"
msgstr "Beëindigen verbinding met %s (%s)"
#: src/net.c:244
#: src/net.c:230
#, c-format
msgid "%s (%s) didn't respond to PING in %ld seconds"
msgstr "%s (%s) antwoordde niet binnen %ld seconden op PING"
#: src/net.c:253
#: src/net.c:239
#, c-format
msgid "Old connection_t for %s (%s) status %04x still lingering, deleting..."
msgstr ""
"Oude connection_t voor %s (%s) status %04x nog steeds aanwezig, wordt "
"verwijderd..."
#: src/net.c:258
#: src/net.c:244
#, c-format
msgid "Timeout from %s (%s) during authentication"
msgstr "Timeout van %s (%s) tijdens authenticatie"
#: src/net.c:273
#: src/net.c:259
#, c-format
msgid "%s (%s) could not flush for %ld seconds (%d bytes remaining)"
msgstr "%s (%s) kon niet binnen %ld seconden wegschrijven (%d bytes over)"
#: src/net.c:318
#: src/net.c:286
#, c-format
msgid "Error while connecting to %s (%s): %s"
msgstr "Fout tijdens schrijven naar %s (%s): %s"
#: src/net.c:383
#: src/net.c:345
#, fuzzy, c-format
msgid "Error building fdset: %s"
msgstr "Fout tijdens lezen van standaardinvoer: %s\n"
#: src/net.c:354
#, c-format
msgid "Error while waiting for input: %s"
msgstr "Fout tijdens wachten op invoer: %s"
#: src/net.c:414
#: src/net.c:383
msgid "Regenerating symmetric key"
msgstr "Hergenereren symmetrische sleutel"
#: src/net.c:431
#: src/net.c:400
msgid "Flushing event queue"
msgstr "Legen taakrij"
#: src/net.c:455
#: src/net.c:419
msgid "Unable to reread configuration file, exitting."
msgstr "Kan configuratiebestand niet herlezen, beëindigen."
@ -287,9 +292,9 @@ msgstr "Fout tijdens versleutelen pakket naar %s (%s): %s"
msgid "Setting outgoing packet priority to %d"
msgstr "Instellen prioriteit uitgaand pakket op %d"
#: src/net_packet.c:393 src/net_setup.c:478 src/net_socket.c:129
#: src/net_socket.c:158 src/tincd.c:435 src/tincd.c:472 src/process.c:198
#: src/process.c:231 src/process.c:428 src/bsd/device.c:93
#: src/net_packet.c:393 src/net_setup.c:487 src/net_socket.c:129
#: src/net_socket.c:158 src/tincd.c:435 src/tincd.c:477 src/process.c:198
#: src/process.c:231 src/process.c:430 src/bsd/device.c:93
#: src/bsd/device.c:112 src/cygwin/device.c:140 src/cygwin/device.c:171
#: src/mingw/device.c:73 src/mingw/device.c:82 src/mingw/device.c:87
#: src/mingw/device.c:256 src/mingw/device.c:263 src/mingw/device.c:268
@ -340,113 +345,118 @@ msgstr "Ontvangst pakket mislukt: %s"
msgid "Received UDP packet from unknown source %s"
msgstr "Ontvangst UDP pakket van onbekende oorsprong %s"
#: src/net_setup.c:77 src/net_setup.c:94
#: src/net_setup.c:78 src/net_setup.c:95
#, c-format
msgid "Error reading RSA public key file `%s': %s"
msgstr "Fout tijdens lezen RSA publieke sleutel bestand `%s': %s"
#: src/net_setup.c:109
#: src/net_setup.c:110
#, c-format
msgid "Reading RSA public key file `%s' failed: %s"
msgstr "Lezen RSA publieke sleutel bestand `%s' mislukt: %s"
#: src/net_setup.c:145
#: src/net_setup.c:146
#, c-format
msgid "No public key for %s specified!"
msgstr "Geen publieke sleutel bekend voor %s gespecificeerd!"
#: src/net_setup.c:160
#: src/net_setup.c:161
msgid "PrivateKey used but no PublicKey found!"
msgstr "PrivateKey gebruikt maar geen PublicKey gevonden!"
#: src/net_setup.c:179
#: src/net_setup.c:180
#, c-format
msgid "Error reading RSA private key file `%s': %s"
msgstr "Fout tijdens lezen RSA privé sleutel bestand `%s': %s"
#: src/net_setup.c:187
#: src/net_setup.c:188
#, c-format
msgid "Could not stat RSA private key file `%s': %s'"
msgstr "Kon gegevens RSA privé sleutel bestand `%s' niet opvragen: %s"
#: src/net_setup.c:194
#: src/net_setup.c:195
#, c-format
msgid "Warning: insecure file permissions for RSA private key file `%s'!"
msgstr ""
"Waarschuwing: onveilige permissies voor RSA privé sleutel bestand `%s'!"
#: src/net_setup.c:201
#: src/net_setup.c:202
#, c-format
msgid "Reading RSA private key file `%s' failed: %s"
msgstr "Fout tijdens lezen RSA privé sleutel bestand `%s': %s"
#: src/net_setup.c:231 src/net_setup.c:232
#: src/net_setup.c:232 src/net_setup.c:233
msgid "MYSELF"
msgstr "MIJZELF"
#: src/net_setup.c:238
#: src/net_setup.c:239
msgid "Name for tinc daemon required!"
msgstr "Naam voor tinc daemon verplicht!"
#: src/net_setup.c:243
#: src/net_setup.c:244
msgid "Invalid name for myself!"
msgstr "Ongeldige naam voor mijzelf!"
#: src/net_setup.c:252
#: src/net_setup.c:253
msgid "Cannot open host configuration file for myself!"
msgstr "Kan host configuratie bestand voor mijzelf niet openen!"
#: src/net_setup.c:305
#: src/net_setup.c:306
msgid "Invalid routing mode!"
msgstr "Ongeldige routing modus!"
#: src/net_setup.c:316
#: src/net_setup.c:317
msgid "PriorityInheritance not supported on this platform"
msgstr "PriorityInheritance wordt niet ondersteund op dit platform"
#: src/net_setup.c:324
#: src/net_setup.c:325
msgid "Bogus maximum timeout!"
msgstr "Onzinnige maximum timeout!"
#: src/net_setup.c:338
#: src/net_setup.c:339
msgid "Invalid address family!"
msgstr "Ongeldige adresfamilie!"
#: src/net_setup.c:356
#: src/net_setup.c:357
msgid "Unrecognized cipher type!"
msgstr "Onbekend cipher type!"
#: src/net_setup.c:381 src/protocol_auth.c:194
#: src/net_setup.c:382 src/protocol_auth.c:194
#, c-format
msgid "Error during initialisation of cipher for %s (%s): %s"
msgstr "Fout tijdens initialisatie van cipher voor %s (%s): %s"
#: src/net_setup.c:398
#: src/net_setup.c:399
msgid "Unrecognized digest type!"
msgstr "Onbekend digest type!"
#: src/net_setup.c:411
#: src/net_setup.c:412
msgid "MAC length exceeds size of digest!"
msgstr "MAC lengte is groter dan dat van digest!"
#: src/net_setup.c:414
#: src/net_setup.c:415
msgid "Bogus MAC length!"
msgstr "Onzinnige MAC lengte!"
#: src/net_setup.c:428
#: src/net_setup.c:429
msgid "Bogus compression level!"
msgstr "Onzinnig compressieniveau!"
#: src/net_setup.c:500
#: src/net_setup.c:454 src/net_setup.c:514 src/net_setup.c:525
#, fuzzy, c-format
msgid "event_add failed: %s"
msgstr "Ontvangst pakket mislukt: %s"
#: src/net_setup.c:534
#, c-format
msgid "Listening on %s"
msgstr "Luisterend op %s"
#: src/net_setup.c:511
#: src/net_setup.c:545
msgid "Ready"
msgstr "Gereed"
#: src/net_setup.c:513
#: src/net_setup.c:547
msgid "Unable to create any listening socket!"
msgstr "Kon geen enkele luistersocket aanmaken!"
@ -529,12 +539,12 @@ msgstr "Geen adres gespecificeerd voor %s"
msgid "Accepting a new connection failed: %s"
msgstr "Aanname van nieuwe verbinding is mislukt: %s"
#: src/net_socket.c:418
#: src/net_socket.c:417
#, c-format
msgid "Connection from %s"
msgstr "Verbinding van %s"
#: src/net_socket.c:443
#: src/net_socket.c:440
#, c-format
msgid "Invalid name for outgoing connection in %s line %d"
msgstr "Ongeldige naam voor uitgaande verbinding in %s regel %d"
@ -1002,10 +1012,15 @@ msgid "mlockall() not supported on this platform!"
msgstr "mlockall() wordt niet ondersteund op dit platform!"
#: src/tincd.c:466
#, fuzzy
msgid "Error initializing libevent!"
msgstr "Fout tijdens initialiseren LZO compressor!"
#: src/tincd.c:471
msgid "Error initializing LZO compressor!"
msgstr "Fout tijdens initialiseren LZO compressor!"
#: src/tincd.c:507
#: src/tincd.c:512
msgid "Terminating"
msgstr "Beëindigen"
@ -1129,56 +1144,56 @@ msgstr "Kon pid bestand %s niet schrijven: %s\n"
msgid "tincd %s (%s %s) starting, debug level %d"
msgstr "tincd %s (%s %s) start, debug niveau %d"
#: src/process.c:385
#: src/process.c:387
#, c-format
msgid "Executing script %s"
msgstr "Uitvoeren script %s"
#: src/process.c:415
#: src/process.c:417
#, c-format
msgid "Script %s exited with non-zero status %d"
msgstr "Script %s beëindigde met status %d"
#: src/process.c:420
#: src/process.c:422
#, c-format
msgid "Script %s was killed by signal %d (%s)"
msgstr "Script %s was gestopt door signaal %d (%s)"
#: src/process.c:424
#: src/process.c:426
#, c-format
msgid "Script %s terminated abnormally"
msgstr "Script %s abnormaal beëindigd"
#: src/process.c:444 src/process.c:453 src/process.c:494 src/process.c:500
#: src/process.c:518
#: src/process.c:446 src/process.c:455 src/process.c:496 src/process.c:502
#: src/process.c:520
#, c-format
msgid "Got %s signal"
msgstr "Kreeg %s signaal"
#: src/process.c:462
#: src/process.c:464
#, c-format
msgid "Got another fatal signal %d (%s): not restarting."
msgstr "Kreeg nog een fataal signaal %d (%s): geen herstart."
#: src/process.c:471
#: src/process.c:473
#, c-format
msgid "Got fatal signal %d (%s)"
msgstr "Kreeg fataal signaal %d (%s)"
#: src/process.c:475
#: src/process.c:477
msgid "Trying to re-execute in 5 seconds..."
msgstr "Poging tot herstarten over 5 seconden..."
#: src/process.c:487
#: src/process.c:489
msgid "Not restarting."
msgstr "Geen herstart."
#: src/process.c:503
#: src/process.c:505
#, c-format
msgid "Reverting to old debug level (%d)"
msgstr "Herstellen van oud debug niveau (%d)"
#: src/process.c:509
#: src/process.c:511
#, c-format
msgid ""
"Temporarily setting debug level to 5. Kill me with SIGINT again to go back "
@ -1187,17 +1202,17 @@ msgstr ""
"Tijdelijk instellen debug niveau op 5. Zend nog een SIGINT signaal om niveau "
"%d te herstellen."
#: src/process.c:542
#: src/process.c:544
#, c-format
msgid "Got unexpected signal %d (%s)"
msgstr "Kreeg onverwacht signaal %d (%s)"
#: src/process.c:548
#: src/process.c:550
#, c-format
msgid "Ignored signal %d (%s)"
msgstr "Signaal %d (%s) genegeerd"
#: src/process.c:602
#: src/process.c:604
#, c-format
msgid "Installing signal handler for signal %d (%s) failed: %s\n"
msgstr "Installeren van signaal afhandelaar voor signaal %d (%s) faalde: %s\n"

1
src/tincd.c
View file

@ -104,6 +104,7 @@ static void usage(bool status)
" -L, --mlock Lock tinc into main memory.\n"
" --logfile[=FILENAME] Write log entries to a logfile.\n"
" --controlsocket=FILENAME Open control socket at FILENAME.\n"
" --bypass-security Disables meta protocol security, for debugging.\n"
" --help Display this help and exit.\n"
" --version Output version information and exit.\n\n"));
printf(_("Report bugs to tinc@tinc-vpn.org.\n"));